hi
i checked about 20 spreadsheets of bounty campaigns. and in these lists i found about 15 private keys to ETH addresses.
people post their key instead of their address.
all the addresses had nothing in it. maybe somebody else already emptied them.
This is a common thing which I do observed that people do mistakenly posted private keys instead of their own Eth wallet address.You would really be able to be hacked and people will surely get in on that wallet and took all the funds on it. Chances on hitting a jackpot on stealing other peoples coins,if you are careless then you would really make such loss but as far as I observed most people posted private keys are newbie or low ranks which most of those wallets are newly created.